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DETAILED ACTION 
Response to Amendment 

This office action is in response to amendment filed on 1 1/30/07. The amendment filed 
on 1 1/30/07 has been entered and made of record. Therefore, presently pending claims are 1-2, 
4-18, 20-27, 29-35, and 59. 



Response to Arguments 

Applicant's arguments filed 1 1/30/07 have been fully considered. However the 
arguments are not found persuasive. 

The applicant argued that Claim 1 recites a method for establishing a secure 
communication link through a communication network. In response to applicant's arguments, 
the recitation has not been given patentable weight because the recitation occurs in the preamble. 
A preamble is generally not accorded any patentable weight where it merely recites the purpose 
of a process or the intended use of a structure, and where the body of the claim does not depend 
on the preamble for completeness but, instead, the process steps or structural limitations are able 
to stand alone. See In re Hirao, 535 F.2d 67, 190 USPQ 15 (CCPA 1976) and Kropa v. Robie, 
187 F.2d 150, 152, 88 USPQ 478, 481 (CCPA 1951). 

The applicant argued further that the smart card communication device produces an 
outgoing secure data signal without deciphering the secured data. This is not found persuasive. 
In the combination of Naccache and Hohle, Naccache teaches the message enciphered at the 
smart card and sent to the device B while the system of Hohle discloses the communication from 
the access point to the central computer (Hohle column 5 lines 64-67). 
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The applicant argued further that communication over a network is different than 
communication over a communication network. This is not persuasive because the definition of 
a network is a group of computers and associated devices that are connected by communication 
facilities. In the case if Naccache the smart card is the associated device which communicates 
with the computer and the communication interface corresponds to the communication facilities. 

The applicant argued further that Naccache fails to teach or suggest a central system that 
is remote from the smart card. This is found persuasive because in the combination of Naccache 
and Hohle, Hohle discloses the communication from the access point to the central computer 
(Hohle column 5 lines 64-67). 

In response to applicant's argument that the references fail to show certain features of 
applicant's invention, it is noted that the features upon which applicant relies (i.e., data integrity 
from a smart card passing through a smart card device and communication network, and further 
to a remote central computer system ) are not recited in the rejected claim(s). Although the 
claims are interpreted in light of the specification, limitations from the specification are not read 
into the claims. See In re Van Geuns, 988 F.2d 1 181, 26 USPQ2d 1057 (Fed. Cir. 1993). 

In response to applicant's argument that the communication of data in Naccache is 
attributed to the physical communication through a communication interface, the fact that 
applicant has recognized another advantage which would flow naturally from following the 
suggestion of the prior art cannot be the basis for patentability when the differences would 
otherwise be obvious. See Ex parte Obiaya, 227 USPQ 58, 60 (Bd. Pat. App. & Inter. 1985). 



Application/Control Number: 09/360,068 
Art Unit: 2135 



Page 4 



Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

Claims 1, 2, 4-17, 29-35, and 59 are rejected under 35 U.S.C. 102(e) as being anticipated 
by Hohle et al (6,101,477) in view of Naccache (5,414,772) and further in view of Hilton. 

In reference to claim 7, Hohle teaches a system for establishing a secure connection 
between a smart card and a central computer (issuer 10), Fig. 10. The system uses the method of 
outgoing secure signal transmitted from the smart card to produce an out going secure data 
signal, column 3 lines 31-51. The connection described by Hohle is a secure connection because 
the system uses the DES algorithm for encryption of a random number in the challenge/response 
authentication, column 1 1 line 63 to column 12 line 36. Since that data is sent over the network 
disclosed in Fig. 10, it must be system, issuer 10. The card is described as communicating with 
the issuer 10 through the client formatted in accordance with a communication network protocol 
to produce an outgoing format. Finally, in column 5 line 64 to column 6 line 4, the formatted 
signal is sent to the central computer host (the access point) and therefore, for communication to 
take place a signal must be sent from the card to the central computer system. 

Hohle further discloses the signal, in the form of a message, formatted to allow the . 
central computer system to detect a modification to the secured data occurring during 
transmission beginning at the smart card and extending to the central computer system (column 
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22 lines 47-67). The message of Hohle is signed in order to determine whether the message has 
been altered during transmission. 

Although Hohle discloses a system wherein the smart card transactions have a security 
dimension (column 21 line 43 to column 22 line 36), Hohle does not expressly disclose the 
outgoing transmission sent without deciphering the data. In addition Hohle does not teach 
receiving at a smart card communication device an outgoing message and using the smart card 
communication device to produce an outgoing secure data signal. 

Naccache discloses a system that comprises at least two parts, connected to each other by 
the means of a common communication interface (abstract). Naccache discloses receiving at a 
smart card communication device an outgoing transmission sent without deciphering the data 
(part 10 Fig 1 in combination with column 4 lines 15-21). In addition Naccache teaches 
receiving at a smart card communication device an outgoing message and using the smart card 
communication device to produce an outgoing secure data signal (column 5 lines 60-66 in 
combination with column 2 lines 56-58), and communicating to a central computer system that is 
remote from the smart card communication device (column 6 lines 1-11 in combination with Fig. 
3) wherein the computer, device B, corresponds the central computer system. 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to perform the security function in the smart card as in Naccache in the system of 
Hohle. One of ordinary skill in the art would have been motivated to do this because the 
communication of data takes negligible time when compared to the effort for computing modular 
inverses. 
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Although Hohle discloses secure contactless communications that utilize inductive 
couplings, Hohle does not disclose RF communications and therefore demodulating an outgoing 
radio frequency signal transmitted from the smart card to produce an outgoing signal. 

Hilton discloses RF communications between a smartcard and the field device (Fig. 4). 
Therefore Hilton suggests the demodulation of an outgoing radio frequency signal transmitted 
form the smart card to produce an outgoing signal (column 3 line 50 to column 4 line 1). The RF 
communications disclosed by Hilton includes the receiving and transmitting of a radio frequency 
signal (Fig. 4). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to use the RF communication as in the system of Hilton between the smart card 
and central system of Hohle. One of ordinary skill in the art would have been motivated to do 
this because RF communication and inductive communication links are interchangeable methods 
of contactless communication for smart cards (column 1 lines 1 1-20). 

In reference to claim 29 Hohle discloses the secure data formatted by the smart card to 
allow the central computer system to detect a modification to the secure data occurring during 
transmission (column 22 lines 47-67). 

Hohle discloses a contactless smart card, however Hohle does not expressly disclose 
expressly a communication interface for transmission beginning at the smart card and extending 
to the central computer system without deciphering the secure data. 

Naccache discloses a system that comprises at least two parts, connected to each other by 
the means of a common communication interface (abstract). The system includes the 
transmission beginning at the smart card and extending to the central computer system (Fig. 3). 
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A data communication interface adapted to exchange the secure data with the processor through 
a baseband data communication channel without deciphering the secure data (part 10 Fig 1 in 
combination with column 4 lines 15-21). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to perform the security function in the smart card as in Naccache in the system of 
Hohle. One of ordinary skill in the art would have been motivated to do this because the 
communication of data takes negligible time when compared to the effort for computing modular 
inverses. 

Although Hohle discloses secure contactless communications that utilize inductive 
couplings, Hohle does not disclose RF communications. 

Hilton discloses a radio frequency transceiver adapted to exchange secure data with a 
smart card through a radio frequency communication channel (column 3 line 50 to column 4 line 
1). The RF communications disclosed by Hilton includes the receiving and transmitting of a 
radio frequency signal (Fig. 4). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to use the RF communication as in the system of Hilton between the smart card 
and central system of Hohle. One of ordinary skill in the art would have been motivated to do 
this because RF communication and inductive communication links are interchangeable methods 
of contactless communication for smart cards (column 1 lines 1 1-20). 

In reference to claims 2 and 30, Hohle subjects the out going data to a security function 
only in the smart card and the central computer system. The data is "signed" by the central 
computer by producing the MAC, column 22 lines 53-58. The card then produces a MAC based 
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on the received message and compares them and the two MACs will not match if the message or 
the wrong key has been used, column 22 lines 59-67. 

In reference to claim 4, in the system of Hohle the data at the central computer (the bank 
computer 150) is transformed back into plain text, column 16 lines 45-47. The data is sent over 
the network to the central computer, column 16 line 34, as a result, it is apparent that it must 
have been reformatted. 

In reference to claim 5, the system disclosed by Hohle receives the incoming secure 
formatted signal from the central computer as discussed in claim 1. Wilson teaches that 
communication in the opposite direction, in this case from the central computer to the smart card, 
may be performed in the same way, column 15 lines 30-43. 

In reference to claims 6 and 33, the Hohle reference teaches of contactless cards using 
phase, frequency and amplitude modulation, column 3 lines 44-45, therefore the reader 
demodulates the signal sent over radio frequencies. Wilson teaches applying cipher text to a 
decryption module to arrive at the plain text, column 15 lines 30-51. 

In reference to claim 7, the security function is as discussed above in the discussion for 
claim 6. 

In reference to claims 8 and 34, the data is encoded in the smart card, as discussed for 
claim 3, which would make the outgoing data signal secure. 

In reference to claim 9, Hohle further teaches generating a MAC at the smart card and 
then appending it to the outgoing data as a electronic seal to sigh the data, column 22 lines 47-67. 
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In reference to claim 10, 11, 15, 16, and 35, Hohle discusses the use of a MAC to seal 
messages with in order to detect an unauthorized modification of the outgoing data, column 22 
lines 47-67. 

In reference to claim 14, Hohle discloses a system where a MAC and appended to the 
message, column 22 lines 47-67. 

In reference to claim 1 7, encoding using a smart card and transmitting the radio 
frequencies, the modulation of the outgoing radio frequency, formatting of the secure data, and 
the transmission of outgoing data has been discussed in reference to claim 1 . The reformatting 
of the outgoing secure signal and decoding of the signal has been discussed in reference to claim 
4. While the reference to claim 8 discusses the encoding of information from the central 
computer. It is evident that since the signal is sent over the network, it would be formatted to 
produce an incoming formatted signal. The reference to claim 5 discusses the receiving, 
reformatting, and transmission of the secure signal. Finally the demodulation and the decoding 
of the secure data signal is discussed in reference to claim 6. Hohle's further discloses the using 
a message authentication code for a signing. The signing is used to determine whether the 
message was altered during transmission (column 22 lines 37-67). Wherein the system allows 
for the signing in both directions to and from the smart card (column 22 lines 57-58). 

In reference to claim 12-13, 31-32, Naccache discusses the use of a smart card to encrypt 
data using software stored on the card and being able to perform the communication in both 
directions (column 4 lines 49-61). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to encrypt the data in the smart card as in Naccache in the system of Hohle. One 
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of ordinary skill in the art would have been motivated to do this because it would discourage a 
third party from intercepting unencrypted data. 

In reference to claim 59 wherein the secured data is formatted to allow the central 
computer system to authenticate identity of the sender (Hohle column 21 line 63 to column 22 
line 14). 

Claim 21 is rejected under 35 U.S.C. 103(a) as being unpatentable over Hohle in view of 
Murphy et al (6, 226, 744 Bl) and further in view of Hilton and further in view of Naccache. 

In reference to claim 21, Hohle discloses a system for communication between a smart 
card and a central computer with the ability for some of the software to exist outside the card and 
be downloaded during transaction, column 4 lines 49-54. The secure data is exchanged with the 
smart card reader, column 3 lines 42-45. Although Hohle discloses a system that includes an 
authentication process, Hohle does not disclose a system where interface software can be 
downloaded to perform the authentication. Hohle further discloses the signal, in the form of a 
message, formatted to allow the central computer system to detect a modification to the secured 
data occurring during transmission beginning at the smart card and extending to the central 
computer system (column 22 lines 47-67). The message of Hohle is signed in order to determine 
whether the message has been altered during transmission. 

Murphy discloses a system where a user can download a smart card interface module to 
the client terminal for the authentication process, column 6 lines 8-25. The secure gateway 
server corresponds to the HTTP server recited in claim 21. A HTTP server by definition is a 
software that uses HTTP documents and any associated files and scripts when requested by a 
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client, such as a web browser. The gateway server disclosed by Murphy communicates with the 
client (web browser) and therefore by necessity uses HTTP to communicate (column 6 lines 8- 
21). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to add the Client terminal 14 described by Murphy to download the interface for 
the authentication process disclosed by Hohle and using the smart card and smart card reader 
disclosed by Hohle. One of ordinary skill in the art would have been motivated to do this 
because users would be able to access restricted information with the smart card without having 
to install software, column 3 lines 24-28. 

Although Hohle discloses secure contactless communications that utilize inductive 
couplings, Hohle does not disclose RF communications and therefore demodulating an outgoing 
radio frequency signal transmitted from the smart card to produce an outgoing signal. 

Hilton discloses RF communications between a smartcard and the field device (Fig. 4). 
Therefore Hilton suggests the demodulation of an outgoing radio frequency signal transmitted 
form the smart card to produce an outgoing signal (column 3 line 50 to column 4 line 1). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to use the RF communication as in the system of Hilton between the smart card 
and central system of Hohle. One of ordinary skill in the art would have been motivated to do 
this because RF communication and inductive communication links are interchangeable methods 
of contactless communication for smart cards (column 1 lines 1 1-20). 

Although Hohle discloses a system wherein the smart card transactions have a security 
dimension (column 21 line 43 to column 22 line 36), Hohle does not expressly disclose the 
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outgoing transmission sent without deciphering the data. Hohle also does not disclose a local 
smart card communication to a smart card. Although Murphy discloses downloading software to 
a smartcard, Murphy does not disclose exchanging the secure data between the smart card 
through a network and the processor is located remotely from the central computer system. 

Naccache discloses a system comprising at least two parts connected to each other by 
means of a common communication interface (abstract). The secured data of the system of 
Naccache is formatted by the smart card (Fig. 1). The system includes the central computer 
(computer) system that is configured to detect the modification to the secured data and to process 
a transaction for the smart card using the secured data included in the outgoing formatted secure 
signal (Fig. 3). Since the smart card contains the communication interface (Fig. 1), the secure 
data is not deciphered (column 14 lines 40-55). Naccache teaches further a smart card that is 
configured to communicate securely with a central computer (Fig. 3). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to perform the security function in the smart card as in Naccache in the system of 
Hohle. One of ordinary skill in the art would have been motivated to do this because the 
communication of data takes negligible time when compared to the effort for computing modular 
inverses. 

Claims 18, 20, 22, and 23-27 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Murphy et al. (6,226744 Bl) in view of Hilton et al (6304223) and further in view of 
Naccache. 
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In reference to claim 18, Murphy discloses exchanging the secure data through a 
communication network with the central computer system (column 4 lines 44-48 column 3 lines 
30-50) wherein central computer system is the combination of computers as in Fig 1 parts 18, 22, 
24, 20, and 26; and performing a security function on the data at the central computer system 
(column 6 lines 32-49). The system of Murphy discloses performing a security function at the 
smart card on secure data received from the central computer system (column 6 lines 56-63). 
Murphy further discloses the system having the ability to access restricted information from the 
servers. However the user uses the smart card for authentication in order to receive the data. 
Access control using the smart card is a security function that is performed on the secure data, 
restricted data, in order for the user to receive the restricted data. 

Although Murphy discloses a smart card that is coupled with a client device (Fig. 1), the 
smart card is not a contactless smart card. 

Hilton discloses a contactless card smart card (abstract). Secure data is exchanged 
through a radio frequency communication channel with the smart card (column 3 lines 50-67). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to modify the card reader and smart card in Murphy to be contactless RF 
communications as in Hilton. One of ordinary skill in the art would have been motivated to do 
this because the device will not require contact between the smart card and the validator (Hilton 
column 1 lines 10-15). 

Although Murphy discloses the smart card performing security functions such as 
signatures, Murphy does not actually disclose signing data in order to determine whether the data 
was altered during transmission. 
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Naccache discloses a system comprising at least two parts connected to each other by 
means of a common communication interface (abstract). The secured data of the system of 
Naccache is formatted by the smart card (Fig. 3). The system includes the central computer 
(verification device) system that is configured to detect the modification to the secured data and 
to process a transaction for the smart card using the secured data included in the outgoing 
formatted secure signal (Fig. 3). Since the smart card contains the communication interface (Fig. 
1), the secure data is not deciphered (column 14 lines 40-55). Naccache teaches further a smart 
card that is configured to communicate securely with a central computer (Fig. 3). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to perform the security function in the smart card as in Naccache in the system of 
Hohle. One of ordinary skill in the art would have been motivated to do this because the 
communication of data takes negligible time when compared to the effort for computing modular 
inverses. 

In reference to claim 20, since the data is transported over the network as shown in Fig 1 , 
the data is evidently formatted in accordance with the communication network protocol for the 
network in Fig. 1 ? and reformatted at the central computer. The data is transmitted through the 
communication network as shown in Fig. 1 . 

In reference to claim 22, the secure data is exchanged over a baseband channel, Murphy 
fig 1 where the smart card reader is connected to a client terminal, which then connects to the 
network. Murphy discloses a system that exchanges data with a central computer. 

In reference to claim 25, the smart card reader described by Murphy is connected to a 
client terminal, Fig. 1. The smart card reader described by Hilton is a proximity card. In 
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Murphy Fig. 1 the access points are connected to a network. The central computer authenticates 
the smart card; therefore has a security device coupled to it (column 6 lines 32-49). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to modify the card reader and smart card in Murphy to be contactless RF 
communications as in Hilton. One of ordinary skill in the art would have been motivated to do 
this because the device will not require contact between the smart card and the validator (Hilton 
column 1 lines 10-15). 

In reference to claim 26, the client terminal in Murphy works on the Internet (Fig. 1). 

In reference to claims 23, the secure data is not deciphered within the communication 
link (Fig. 1). 

In reference to claims 24, the step of subjecting the secure data to a security function only 
at the smart card and at the and at the central computer (column 5 lines 51-67). 

In reference to claim 27 is the same discussion as in the reference to claim 23 and 24. 
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Conclusion 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Paula W. Klimach whose telephone number is (571) 272-3854. 
The examiner can normally be reached on Mon to Thr 9:30 a.m to 5:30 p.m. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on (571) 272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 

PWK NASSER MOAZZAMI 



Thursday, February 14, 2008 
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